Commit 55753980 authored by Christophe Maudoux's avatar Christophe Maudoux

WIP - checkUser hide secret attributes (#1658)

parent 30148caf
......@@ -29,7 +29,7 @@ sub defaultValues {
'casAuthnLevel' => 1,
'checkTime' => 600,
'checkUser' => 1,
'checkUserHiddenAttributes' => 'UA',
'checkUserHiddenAttributes' => 'UA _2fDevices',
'checkXSS' => 1,
'confirmFormMethod' => 'post',
'cookieName' => 'lemonldap',
......
......@@ -772,7 +772,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'type' => 'bool'
},
'checkUserHiddenAttributes' => {
'default' => 'UA',
'default' => 'UA _2fDevices',
'type' => 'text'
},
'checkXSS' => {
......
......@@ -586,7 +586,7 @@ sub attributes {
},
checkUserHiddenAttributes => {
type => 'text',
default => 'UA',
default => 'UA _2fDevices',
documentation => 'Attributes to hide in CheckUser plugin',
flags => 'p',
},
......
......@@ -63,11 +63,9 @@ sub check {
while ( my ( $k, $v ) = each %$attrs ) {
# Ignore hidden attributes
push @$array_attrs, { key => $k, value => $v } unless ( $self->hAttr =~ /\b$k\b/ );
push @$array_attrs, { key => $k, value => $v } unless ( $self->hAttr =~ /\b$k\b/ or !$v );
}
@$array_attrs = sort { $a->{key} cmp $b->{key} } @$array_attrs;
$self->logger->debug( "******** " . Dumper($array_attrs) );
# Check if user is allowed to access submitted URL and compute headers
if ( $url and %$attrs ) {
......@@ -85,9 +83,9 @@ sub check {
while ( my ( $k, $v ) = each %$hdrs ) {
push @$array_hdrs, { key => $k, value => $v };
}
@$array_hdrs = sort { $a->{key} cmp $b->{key} } @$array_hdrs;
$self->logger->debug( "+++++++++++++ " . Dumper($array_hdrs) );
}
# Display form
......
......@@ -20,18 +20,7 @@
</div>
<input name="url" type="text" class="form-control" value="<TMPL_VAR NAME="URL">" trplaceholder="URL" aria-required="true"/>
</div>
<div class="buttons">
<button type="submit" class="btn btn-success">
<span class="fa fa-sign-in"></span>
<span trspan="checkUser">Check user</span>
</button>
<a href="<TMPL_VAR NAME="PORTAL_URL">" class="btn btn-primary" role="button">
<span class="fa fa-home"></span>
<span trspan="goToPortal">Go to portal</span>
</a>
</div>
</form>
</div>
<TMPL_IF NAME="ALLOWED">
<div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="ALLOWED">"></span></div>
......@@ -83,4 +72,17 @@
</div>
</TMPL_IF>
<div class="buttons">
<button type="submit" class="btn btn-success">
<span class="fa fa-sign-in"></span>
<span trspan="checkUser">Check user</span>
</button>
<a href="<TMPL_VAR NAME="PORTAL_URL">" class="btn btn-primary" role="button">
<span class="fa fa-home"></span>
<span trspan="goToPortal">Go to portal</span>
</a>
</div>
</form>
</div>
<TMPL_INCLUDE NAME="footer.tpl">
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment